jonas/Hoard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add admin user management and password-change flow

Browse Source 
Introduce full admin user listing/detail endpoints and a forced password-change flow. Backend: make CurrentUserResponse.UserName nullable and add ToCurrentUserResponseAsync extension; AppUserController now exposes GET /auth/user (list) and GET /auth/user/{id} (detail) using UserManager and Admin-only policy; AuthController uses the new mapper and after successful password change clears MustChangePassword, updates UpdatedAt and persists changes (with error handling) before updating security stamp. Frontend: add admin users pages (list + detail), ChangePassword page and route, adminUsers and enhanced authSession services (typed responses, changePassword API, error mapping), router guard to redirect users with mustChangePassword=true to the change-password flow, and show success banner on login after password change. UI tweaks: separate admin section in sidebar, add password-change entries in account menu, footer sizing fixes, and various layout/UX improvements. These changes enable admin account management and enforce secure password updates across the app.
This commit is contained in:
Jonas
2026-04-20 21:02:16 +02:00
parent b2984fcf1a
commit 14176a3ee2
14 changed files with 995 additions and 92 deletions
Download Patch File Download Diff File Expand all files Collapse all files
API/Contracts/Auth/CurrentUserResponse.cs
+1 -1
View File
@@ -3,7 +3,7 @@
public class CurrentUserResponse
{
public Guid Id { get; set; }
public string UserName { get; set; } = string.Empty;
public string? UserName { get; set; } = string.Empty;
public List<string> Roles { get; set; } = new();
public bool IsActive { get; set; }
public bool MustChangePassword { get; set; }
API/Contracts/Auth/CurrentUserResponseExtensions.cs
+27
View File
@@ -0,0 +1,27 @@
using API.Models;
using Microsoft.AspNetCore.Identity;
namespace API.Contracts.Auth
{
public static class CurrentUserResponseExtensions
{
public static async Task<CurrentUserResponse> ToCurrentUserResponseAsync(
this AppUser user,
UserManager<AppUser> userManager)
{
ArgumentNullException.ThrowIfNull(user);
ArgumentNullException.ThrowIfNull(userManager);
var roles = await userManager.GetRolesAsync(user);
return new CurrentUserResponse
{
Id = user.Id,
UserName = user.UserName,
Roles = roles.OrderBy(role => role).ToList(),
IsActive = user.IsActive,
MustChangePassword = user.MustChangePassword,
};
}
}
}